It’s been nearly four years since Estonia fell victim to a massive cyberattack that crippled its government, financial and media computer networks. Now, with international incidences of cybercrime on the rise, Estonia is taking the lead in fighting back.
The Cyber Defense League is made up of volunteers, among them cybersecurity professionals from both the private and public sectors. The group “carries out regular weekend exercises to prepare for possible cyber contingencies,” Defense Minister Jaak Aaviksoo said.
Eighty percent of Estonia uses the Internet to pay taxes and conduct banking transactions, according to NPR, making the country particularly vulnerable should it face another attack similar to the 2007 incident, which was launched by Russian hackers.
To ensure all cyberexperts are available to serve during an emergency situation, Aaviksoo said that the Cyber Defense League is considering a draft.
Estonia is not the only country to face massive cyberattacks: An Iranian nuclear power plan was targeted by the Stuxnet computer worm in June 2010. In a similar vein, China launched its “Aurora” attack against Google and 34 other high-profile companies in January 2010.
But according to one security professional, Estonia's Cyber Defense League is a disastrous idea.
"A volunteer cyber-army is about the worst idea one can think up," said George Smith, senior fellow with GlobalSecurity.org.
"History shows us that 'volunteer cyber-warriors' -- garden variety hackers -- are always around. A volunteer cyber-army attacked WikiLeaks. Volunteer cyber-armies retaliated against various U.S. businesses," he told SecurityNewsDaily. "You see the problems. You're just legitimizing and green-flagging often random cyberspace vandalism and bullying in the hopes that it will work out in your favor. That's atrocious. And really stupid."
"Have they gone crazy in Estonia?" Smith added. "It's certainly no sensible model or policy."